Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XFS6aT52obnaOAFmTrwiMhMCJ3M.roa
File: XFS6aT52obnaOAFmTrwiMhMCJ3M.roa (raw, json)
Hash identifier: D4TIrhByUBy/ZoIe45hAV+L03wSZZ7hh1X+FJCMkbxM=
Subject key identifier: 5C:54:BA:69:3E:76:A1:B9:DA:38:01:66:4E:BC:22:32:13:02:27:73
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018475D5F0A32C00F34904135C0864E45DA0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XFS6aT52obnaOAFmTrwiMhMCJ3M.roa
Signing time: Mon 14 Nov 2022 11:11:05 +0000
ROA not before: Mon 14 Nov 2022 11:11:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135377
IP address blocks: 194.87.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:d5:f0:a3:2c:00:f3:49:04:13:5c:08:64:e4:5d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 14 11:11:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c54ba693e76a1b9da3801664ebc223213022773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:33:87:33:32:4e:93:a0:f7:d8:13:62:79:aa:
cc:23:c9:65:a4:b9:78:a4:aa:d7:80:00:54:f9:9c:
ca:8a:ac:77:df:47:fa:53:25:bb:b5:18:9d:71:27:
bd:ec:b8:96:8f:93:48:8f:8e:0d:e9:9b:a3:ea:b3:
91:54:d6:42:d7:c6:13:71:b1:38:a8:9d:97:20:18:
11:28:d3:2f:8e:eb:39:3c:77:ab:7c:9e:86:9f:18:
51:0e:88:14:b8:fe:6a:55:dc:02:a3:a2:4a:c8:8c:
ba:26:44:45:6f:87:52:1a:54:9e:95:68:7d:85:a7:
d2:67:5e:5d:90:b5:21:96:8b:aa:de:4b:ce:9e:35:
60:de:d7:02:9e:fe:b4:a3:54:15:94:5c:83:01:3f:
b2:b3:40:de:b8:82:b1:87:b5:87:9f:cd:50:94:cb:
aa:0a:a1:a7:d4:4e:11:4e:b1:d7:47:18:17:86:00:
5c:9d:bf:82:c7:64:7c:f6:a2:0f:38:cc:a7:f0:68:
42:61:e6:16:46:7e:c3:82:c1:11:94:74:34:13:9d:
37:6f:fe:55:cd:8b:e3:6c:78:2e:43:9c:15:7e:53:
0c:44:60:11:2d:8d:75:fe:85:aa:45:ff:ed:08:79:
e0:da:aa:73:b5:fa:51:19:5b:14:02:77:3f:bd:03:
e0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:54:BA:69:3E:76:A1:B9:DA:38:01:66:4E:BC:22:32:13:02:27:73
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/XFS6aT52obnaOAFmTrwiMhMCJ3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.72.0/24
Signature Algorithm: sha256WithRSAEncryption
29:a7:c5:c2:f8:18:2a:22:79:4b:6a:9f:b5:09:97:72:63:c7:
f4:48:32:e8:62:3c:f6:72:0a:68:fe:59:04:61:33:92:59:64:
98:ab:15:6b:7d:69:6d:63:06:cf:59:a4:b1:3c:07:2d:3c:fe:
4c:d4:8f:8f:b2:3d:54:f9:38:68:70:50:b9:34:26:b0:7a:11:
62:a5:83:c6:55:72:ee:b1:ed:84:78:e3:e8:61:b1:c1:7a:0c:
0a:3d:4a:e2:49:cf:0a:96:4f:63:e2:b1:13:da:60:d1:05:e3:
21:a0:d0:1a:b9:eb:98:2f:9c:a6:68:8b:fc:68:f5:56:97:7d:
39:90:ca:72:98:cf:6d:f2:7f:91:dc:ca:f2:83:c3:49:82:b3:
8d:95:b4:3e:ec:33:a2:63:5e:1a:ac:cc:43:d3:32:ae:92:34:
d3:05:d1:37:d9:75:ba:4b:c9:8b:4c:be:c4:9b:92:f2:a9:52:
fa:6b:68:49:86:ed:db:8d:a9:91:3c:05:6d:25:70:1f:8f:93:
69:00:d7:6e:06:9b:ae:cb:a5:7f:93:59:78:1b:47:0b:1c:0a:
95:92:60:90:f1:91:4a:c7:dc:19:e2:33:5b:f7:73:51:52:e0:
7a:1d:41:32:6a:f5:1f:ef:41:53:d9:8f:56:85:ab:6a:26:c0:
26:94:25:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR11fCjLADzSQQTXAhk5F2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTE0MTExMTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU0YmE2OTNlNzZhMWI5ZGEzODAxNjY0ZWJjMjIzMjEzMDIyNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzOHMzJOk6D32BNiearMI8llpLl4
pKrXgABU+ZzKiqx330f6UyW7tRidcSe97LiWj5NIj44N6Zuj6rORVNZC18YTcbE4
qJ2XIBgRKNMvjus5PHerfJ6GnxhRDogUuP5qVdwCo6JKyIy6JkRFb4dSGlSelWh9
hafSZ15dkLUhlouq3kvOnjVg3tcCnv60o1QVlFyDAT+ys0DeuIKxh7WHn81QlMuq
CqGn1E4RTrHXRxgXhgBcnb+Cx2R89qIPOMyn8GhCYeYWRn7DgsERlHQ0E503b/5V
zYvjbHguQ5wVflMMRGARLY11/oWqRf/tCHng2qpztfpRGVsUAnc/vQPgyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxUumk+dqG52jgBZk68IjITAidzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWEZTNmFUNTJvYm5hT0FGbVRyd2lNaE1DSjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwldIMA0G
CSqGSIb3DQEBCwUAA4IBAQApp8XC+BgqInlLap+1CZdyY8f0SDLoYjz2cgpo/lkE
YTOSWWSYqxVrfWltYwbPWaSxPActPP5M1I+Psj1U+ThocFC5NCawehFipYPGVXLu
se2EeOPoYbHBegwKPUriSc8Klk9j4rET2mDRBeMhoNAaueuYL5ymaIv8aPVWl305
kMpymM9t8n+R3Mryg8NJgrONlbQ+7DOiY14arMxD0zKukjTTBdE32XW6S8mLTL7E
m5LyqVL6a2hJhu3bjamRPAVtJXAfj5NpANduBpuuy6V/k1l4G0cLHAqVkmCQ8ZFK
x9wZ4jNb93NRUuB6HUEyavUf70FT2Y9WhatqJsAmlCXo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org